Coldhak, a Canadian non-profit, is among the Twitter users recently warned by the microblogging service that their accounts might be targeted for hacking by “state-sponsored actors.” Coldhak on Friday posted a tweet with the text of the warning from Twitter.
The e-mail warning said hackers “possibly associated with a government” might be trying to gain information about Twitter users’ e-mail addresses, IP addresses and/or phone numbers. This is the first time Twitter has sent out such a warning about state-sponsored security risks.
in October, Facebook also announced that it would begin alerting users whenever it has reason to believe their accounts have been targeted by government-led cyberattacks.
Twitter did not respond to our request for more details about the warning e-mails. According to a report published Saturday in The Verge, “at least 11 Twitter users” — including security professionals and mass surveillancee researchers — received the e-mail from Twitter early Friday evening.
Jeremy Hiebert, one of the founding directors of Coldhak, told us today, “We have not contacted Twitter as they have stated they will contact us with further information once they are ready. We have never received a warning like this before.”
Hiebert added that he has responded to the warning by taking time to answer e-mails and “keep an eye on publications regarding these events.”
The e-mail to Twitter users said the company was alerting them as a precaution. “At this time, we have no evidence they obtained your account information, but we’re actively investigating this matter,” according to Twitter. “We wish we had more we could share, but we don’t have any additional information we can provide at this time.”
State-Sponsored Cyberattacks ‘On the Rise’
In its warning to users, Twitter offered several tips, noting that “this may be of particular concern if you choose to tweet using a pseudonym.” The company suggested that users learn more about how to protect their identities by visiting the Tor Project or the Electronic Frontier Foundation’s (EFF) guide to “Protecting Yourself on Social Networks.”
Among some of the suggestions offered by the EFF are to use a strong password that can’t be guessed by information provided on social media, enable two-factor authentication, and opt out of tracking schemes often used by social networking sites in conjunction with data brokers.
“In addition to governmental or political targets, state-linked hackers have also damaged private businesses,” said researchers Patryk Pawlak and Gergana Petkova in their report, “State-sponsored hackers: hybrid armies?” released earlier this year. “Available data suggest that cyber-espionage by state-affiliated groups is on the rise.”
The leading state-sponsored hacking groups today include the U.S. National Security Agency’s Office of Tailored Access Operations, the Russian government-led Sofacy Group, North Korea’s Bureau 121 and China’s Putter Panda, according to the security news site Techworm.
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.